How do I whitelist an app in the Firewall?

If you have an external app that needs to connect to your website this is how we configure it to securely gain access. 

Background

By default our Web application firewall blocks traffic from multiple cloud hosting providers, such as Amazon Web Services (AWS) and Google Cloud. 

This is because hackers commonly use public cloud servers to spin up resources that then scan the internet for vulnerabilities automatically. On the other side, these services are commonly used by applications to host their legitimate applications. 

Examples of these would be: 

• SEO crawlers - see 'I cant crawl my site with my SEO tool'
• Website management systems
• Backup tools 
• Website analytics 
• CDN / Image / Asset optimisation services (Smush/EWWW etc)

What do I do if my service can't access my website?

Reach out to us via a ticket with the details of the service. Commonly we will whitelist a service based on IP Address. As we have multiple systems that may be whitelisted on your website, and IP Addresses change often, you should provide us with a machine readable URL from your provider that automatically updates the IP addresses they use. 

For example: EWWW (the image CDN provider) provides a list of IP addresses and then provides a machine readable JSON format version. 

From there we will add this service into our automated Firewall management system that links directly to Cloudflare, and connect it to your website.  

As the service you use changes IP Addresses, so will the firewall a short time later, keeping you secure from unwanted threats.